CVE-2026-9361 | Edimax EW-7438RPn 1.12 POST Request /goform/formAccep formAccept submit-url command injection

Inserito da Angelo Barbosa | Mag 23, 2026 | CVE

A vulnerability was found in Edimax EW-7438RPn 1.12. It has been rated as critical. This affects the function formAccept of the file /goform/formAccep of the component POST Request Handler. This manipulation of the argument submit-url causes command injection.

This vulnerability appears as CVE-2026-9361. The attack may be initiated remotely. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-9361 | Edimax EW-7438RPn 1.12 POST Request /goform/formAccep formAccept submit-url command injection

Post correlati

CVE-2024-56748 | Linux Kernel up to 6.12.1 scsi qedf_alloc_and_init_sb memory leak

CVE-2018-25321 | TP-Link TL-WR720NMbps Wireless N Router 1_130719 Setting VirtualServerRpm.htm cross-site request forgery (Exploit 44335 / EDB-44335)

VDB-293907 | pankajindevops scale up to 20241113 API Endpoint access control

CVE-2023-47827 | NicheAddons Events Addon for Elementor Plugin up to 2.1.3 on WordPress authorization